fh_tool-cli 0.2.1__tar.gz → 0.2.3__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/PKG-INFO +36 -5
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/README.md +33 -4
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/pyproject.toml +3 -1
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/account.py +62 -1
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backends/cfg_cmd.py +15 -3
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backends/fh_tool.py +25 -1
- fh_tool_cli-0.2.3/src/fh_tool_cli/backends/telnet.py +138 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backends/web_ajax.py +60 -1
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backup.py +17 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/cli.py +83 -47
- fh_tool_cli-0.2.3/src/fh_tool_cli/click_cli.py +314 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/client.py +18 -1
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/commands/web.py +68 -20
- fh_tool_cli-0.2.3/src/fh_tool_cli/credential_sources.py +47 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/credentials.py +1 -1
- fh_tool_cli-0.2.3/src/fh_tool_cli/output.py +100 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/parser.py +8 -1
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/remote.py +25 -4
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/PKG-INFO +36 -5
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/SOURCES.txt +5 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/requires.txt +2 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_account.py +57 -3
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_backup.py +26 -0
- fh_tool_cli-0.2.3/tests/test_click_cli.py +93 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_credentials.py +42 -3
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_remote.py +25 -3
- fh_tool_cli-0.2.3/tests/test_telnet_backend.py +73 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_web_ajax.py +172 -10
- fh_tool_cli-0.2.3/tests/test_web_ajax_post.py +234 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_web_write_payloads.py +75 -1
- fh_tool_cli-0.2.1/src/fh_tool_cli/backends/telnet.py +0 -66
- fh_tool_cli-0.2.1/tests/test_web_ajax_post.py +0 -128
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/setup.cfg +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/__init__.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/argparse_utils.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backends/__init__.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/backends/local_vm.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/commands/__init__.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/config_decrypt.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/config_store.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/crypto.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/diagnostics.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/errors.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/risk.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/upload.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/web_discovery.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli/web_writes.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/dependency_links.txt +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/entry_points.txt +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/src/fh_tool_cli.egg-info/top_level.txt +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_cfg_cmd.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_cli_risk.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_config_decrypt.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_diagnostics.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_extracted_helpers.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_local_vm_integration.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_parser_registration.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_upload.py +0 -0
- {fh_tool_cli-0.2.1 → fh_tool_cli-0.2.3}/tests/test_web_discovery.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: fh_tool-cli
|
|
3
|
-
Version: 0.2.
|
|
3
|
+
Version: 0.2.3
|
|
4
4
|
Summary: 用于本地管理 FiberHome fh_tool 接口的 Python CLI
|
|
5
5
|
Author: Gxxk
|
|
6
6
|
License-Expression: AGPL-3.0-or-later
|
|
@@ -9,8 +9,10 @@ Classifier: Programming Language :: Python :: 3
|
|
|
9
9
|
Classifier: Topic :: System :: Networking
|
|
10
10
|
Requires-Python: >=3.11
|
|
11
11
|
Description-Content-Type: text/markdown
|
|
12
|
+
Requires-Dist: click>=8.1.0
|
|
12
13
|
Requires-Dist: cryptography>=42.0.0
|
|
13
14
|
Requires-Dist: requests>=2.31.0
|
|
15
|
+
Requires-Dist: rich>=13.7.0
|
|
14
16
|
|
|
15
17
|
# fh_tool-cli
|
|
16
18
|
|
|
@@ -38,6 +40,20 @@ uv run fh-tool --help
|
|
|
38
40
|
|
|
39
41
|
下文示例中的 `fh-tool ...` 如果是在源码目录内运行,可以统一写成 `uv run fh-tool ...`。
|
|
40
42
|
|
|
43
|
+
## CLI 输出和日志
|
|
44
|
+
|
|
45
|
+
CLI 入口使用 Click,错误和日志输出使用 Rich。命令结果只写 stdout;错误、警告和日志写 stderr,便于脚本把 stdout 当作数据流处理。
|
|
46
|
+
|
|
47
|
+
```bash
|
|
48
|
+
fh-tool --verbose probe --json
|
|
49
|
+
fh-tool --quiet config show
|
|
50
|
+
fh-tool --log-file fh-tool.log dev-info
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
`--json` 输出稳定的 machine-readable JSON,不混入日志或样式。当前默认人类输出仍保持 pretty JSON,以兼容已有脚本;后续可以在不影响 `--json` 的前提下逐步增加表格化输出。
|
|
54
|
+
|
|
55
|
+
`--log-file` 写入 JSON lines 结构化日志;`-v/-vv` 控制 info/debug 事件,`-q` 只保留 error 级别。日志只记录 command、HTTP method、状态码、cfg path、风险等级等元数据,密码、session、token、LOID、PPPoE 等字段会脱敏。
|
|
56
|
+
|
|
41
57
|
## 快速配置
|
|
42
58
|
|
|
43
59
|
保存默认 IP/MAC:
|
|
@@ -135,7 +151,7 @@ fh-tool wan list --backend local-vm
|
|
|
135
151
|
|
|
136
152
|
`local-vm` 只是在本机 proot VM 内执行厂商 `cfg_cmd`。`--vm-root` 必须指向 VM 工作区目录,也就是包含 `bin/proot-shell` 和 `rootfs-vm/fhrom/bin/cfg_cmd` 的目录;默认是 `/mnt/dev-cold/HG5143F-ONU-vm`。不要把它指到里面的 `rootfs-vm/`。
|
|
137
153
|
|
|
138
|
-
Web AJAX 读取命令只读。需要复用已有 Web session 时加 `--sessionid`;需要登录时可显式传 `--password-stdin` 或 `--password`。未显式提供密码时默认 `--username useradmin --password-source auto`,会依次尝试 `GetAdminAccount` 和 cfg 路径读取 Web superadmin
|
|
154
|
+
Web AJAX 读取命令只读。需要复用已有 Web session 时加 `--sessionid`;需要登录时可显式传 `--password-stdin` 或 `--password`。未显式提供密码时默认 `--username useradmin --password-source auto`,会依次尝试 `GetAdminAccount` 和 cfg 路径读取 Web superadmin 密码;cfg 来源需要 Telnet 时会默认使用 HG5143F 派生 Telnet 凭据 fallback,可用 `--no-derived-credentials` 关闭。失败不会阻塞只读抓取,并会在结果里返回脱敏 login summary。sessionid、密码、LOID、PPPoE 等敏感字段默认会脱敏;只有显式加 `--reveal-secrets` 才输出明文。
|
|
139
155
|
|
|
140
156
|
后台 AJAX 接口发现以 live discovery 为主路径,不需要 HAR,也不需要 rootfs:
|
|
141
157
|
|
|
@@ -160,13 +176,18 @@ fh-tool web services set --service telnet --enabled 0 --confirm
|
|
|
160
176
|
|
|
161
177
|
常规 Web 写接口优先使用 typed 参数。`web ajax post` 和 `web ajax replay` 支持任意已知或未知 AJAX method,默认只输出计划,不发 POST;执行必须加 `--confirm`,且默认拒绝空 payload。`--json-payload` 和可重复的 `--param k=v` 仍保留为固件差异逃生口,合并顺序是 typed 参数、JSON、最后 `--param` 覆盖。旧的确认参数会直接报弃用错误。
|
|
162
178
|
|
|
163
|
-
|
|
179
|
+
Web AJAX 写命令 dry-run 不会登录;加 `--confirm` 后,如果没有显式 `--sessionid`,会要求自动登录成功后才发 POST。
|
|
180
|
+
|
|
181
|
+
Telnet/cfg/诊断命令在未显式传 Telnet 密码时,会默认使用 HG5143F 派生 Telnet 凭据 fallback;显式传入的用户名/密码始终优先。如果设备不是该规则,或需要保留空凭据/自定义认证,可加 `--no-derived-credentials` 关闭。`--use-derived-credentials` 仍作为兼容参数接受:
|
|
164
182
|
|
|
165
183
|
```bash
|
|
166
|
-
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer
|
|
167
|
-
fh-tool wan list
|
|
184
|
+
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer
|
|
185
|
+
fh-tool wan list
|
|
186
|
+
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer --no-derived-credentials
|
|
168
187
|
```
|
|
169
188
|
|
|
189
|
+
需要 root shell 的 Telnet 操作会自动执行 `su root`,当前 su 密码默认按 HG5143F 规则从 MAC 派生;如果 runtime su 密码已经被你改过,可显式传 `--su-password` 或 `--su-password-stdin`。例如 device restore、`cloud disable-cloudclt --confirm`、`account set-su-runtime-password --confirm` 会走 root runner。`account set-su-runtime-password` 写入的是 `/var/telsu` 的 passwd 格式 md5-crypt 行,不会把明文密码写入远端命令。
|
|
190
|
+
|
|
170
191
|
诊断命令保持只读;`ip status` 这类依赖 VM/userspace 工具的命令会分别标记每个 probe 的 `ok/output/error`,工具缺失时输出 `partial_failure=true`,不会吞掉其它已成功字段。
|
|
171
192
|
|
|
172
193
|
本地 VM 集成测试默认会跳过;需要显式指定 VM 目录才会运行:
|
|
@@ -211,6 +232,8 @@ fh-tool restore backup.tgz \
|
|
|
211
232
|
|
|
212
233
|
当前 restore 只恢复 allowlist 内的配置文件,且会拒绝路径穿越、绝对路径逃逸和未知文件写入。`/proc/mtd`、runtime password 文件、restore/factory reset flag 等备份内容不会被恢复。恢复后会 read-back/hash verify;不会自动 reboot,也不会自动 factory reset。
|
|
213
234
|
|
|
235
|
+
默认备份清单包含调研确认的 `/fhconf`、`/fhdata`、runtime password、CloudPlat/appframework 状态和 boot/app 信息等只读路径;这些新增调研路径不会自动加入 restore allowlist。
|
|
236
|
+
|
|
214
237
|
## CloudPlat / SmartSwitch
|
|
215
238
|
|
|
216
239
|
CloudPlat 默认先做只读审计和计划:
|
|
@@ -229,6 +252,14 @@ fh-tool cloud disable-smartswitch --confirm
|
|
|
229
252
|
|
|
230
253
|
该命令不会修改 LOID、PON、WAN VLAN、ServiceList 或 TR-069 VLAN。
|
|
231
254
|
|
|
255
|
+
只停 CloudPlat 连接优先使用 SAF container 内的 `cloudclt` init 脚本:
|
|
256
|
+
|
|
257
|
+
```bash
|
|
258
|
+
fh-tool cloud disable-cloudclt --confirm
|
|
259
|
+
```
|
|
260
|
+
|
|
261
|
+
该命令通过 `lxc-attach -n saf -- /etc/init.d/cloudclt stop/disable` 执行,需要 root runner;仍然不会 patch 启动脚本或删除 package。
|
|
262
|
+
|
|
232
263
|
## 22 个 `/fh_tool/api` method 覆盖
|
|
233
264
|
|
|
234
265
|
已提供 typed command:
|
|
@@ -24,6 +24,20 @@ uv run fh-tool --help
|
|
|
24
24
|
|
|
25
25
|
下文示例中的 `fh-tool ...` 如果是在源码目录内运行,可以统一写成 `uv run fh-tool ...`。
|
|
26
26
|
|
|
27
|
+
## CLI 输出和日志
|
|
28
|
+
|
|
29
|
+
CLI 入口使用 Click,错误和日志输出使用 Rich。命令结果只写 stdout;错误、警告和日志写 stderr,便于脚本把 stdout 当作数据流处理。
|
|
30
|
+
|
|
31
|
+
```bash
|
|
32
|
+
fh-tool --verbose probe --json
|
|
33
|
+
fh-tool --quiet config show
|
|
34
|
+
fh-tool --log-file fh-tool.log dev-info
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
`--json` 输出稳定的 machine-readable JSON,不混入日志或样式。当前默认人类输出仍保持 pretty JSON,以兼容已有脚本;后续可以在不影响 `--json` 的前提下逐步增加表格化输出。
|
|
38
|
+
|
|
39
|
+
`--log-file` 写入 JSON lines 结构化日志;`-v/-vv` 控制 info/debug 事件,`-q` 只保留 error 级别。日志只记录 command、HTTP method、状态码、cfg path、风险等级等元数据,密码、session、token、LOID、PPPoE 等字段会脱敏。
|
|
40
|
+
|
|
27
41
|
## 快速配置
|
|
28
42
|
|
|
29
43
|
保存默认 IP/MAC:
|
|
@@ -121,7 +135,7 @@ fh-tool wan list --backend local-vm
|
|
|
121
135
|
|
|
122
136
|
`local-vm` 只是在本机 proot VM 内执行厂商 `cfg_cmd`。`--vm-root` 必须指向 VM 工作区目录,也就是包含 `bin/proot-shell` 和 `rootfs-vm/fhrom/bin/cfg_cmd` 的目录;默认是 `/mnt/dev-cold/HG5143F-ONU-vm`。不要把它指到里面的 `rootfs-vm/`。
|
|
123
137
|
|
|
124
|
-
Web AJAX 读取命令只读。需要复用已有 Web session 时加 `--sessionid`;需要登录时可显式传 `--password-stdin` 或 `--password`。未显式提供密码时默认 `--username useradmin --password-source auto`,会依次尝试 `GetAdminAccount` 和 cfg 路径读取 Web superadmin
|
|
138
|
+
Web AJAX 读取命令只读。需要复用已有 Web session 时加 `--sessionid`;需要登录时可显式传 `--password-stdin` 或 `--password`。未显式提供密码时默认 `--username useradmin --password-source auto`,会依次尝试 `GetAdminAccount` 和 cfg 路径读取 Web superadmin 密码;cfg 来源需要 Telnet 时会默认使用 HG5143F 派生 Telnet 凭据 fallback,可用 `--no-derived-credentials` 关闭。失败不会阻塞只读抓取,并会在结果里返回脱敏 login summary。sessionid、密码、LOID、PPPoE 等敏感字段默认会脱敏;只有显式加 `--reveal-secrets` 才输出明文。
|
|
125
139
|
|
|
126
140
|
后台 AJAX 接口发现以 live discovery 为主路径,不需要 HAR,也不需要 rootfs:
|
|
127
141
|
|
|
@@ -146,13 +160,18 @@ fh-tool web services set --service telnet --enabled 0 --confirm
|
|
|
146
160
|
|
|
147
161
|
常规 Web 写接口优先使用 typed 参数。`web ajax post` 和 `web ajax replay` 支持任意已知或未知 AJAX method,默认只输出计划,不发 POST;执行必须加 `--confirm`,且默认拒绝空 payload。`--json-payload` 和可重复的 `--param k=v` 仍保留为固件差异逃生口,合并顺序是 typed 参数、JSON、最后 `--param` 覆盖。旧的确认参数会直接报弃用错误。
|
|
148
162
|
|
|
149
|
-
|
|
163
|
+
Web AJAX 写命令 dry-run 不会登录;加 `--confirm` 后,如果没有显式 `--sessionid`,会要求自动登录成功后才发 POST。
|
|
164
|
+
|
|
165
|
+
Telnet/cfg/诊断命令在未显式传 Telnet 密码时,会默认使用 HG5143F 派生 Telnet 凭据 fallback;显式传入的用户名/密码始终优先。如果设备不是该规则,或需要保留空凭据/自定义认证,可加 `--no-derived-credentials` 关闭。`--use-derived-credentials` 仍作为兼容参数接受:
|
|
150
166
|
|
|
151
167
|
```bash
|
|
152
|
-
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer
|
|
153
|
-
fh-tool wan list
|
|
168
|
+
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer
|
|
169
|
+
fh-tool wan list
|
|
170
|
+
fh-tool cfg get InternetGatewayDevice.DeviceInfo.Manufacturer --no-derived-credentials
|
|
154
171
|
```
|
|
155
172
|
|
|
173
|
+
需要 root shell 的 Telnet 操作会自动执行 `su root`,当前 su 密码默认按 HG5143F 规则从 MAC 派生;如果 runtime su 密码已经被你改过,可显式传 `--su-password` 或 `--su-password-stdin`。例如 device restore、`cloud disable-cloudclt --confirm`、`account set-su-runtime-password --confirm` 会走 root runner。`account set-su-runtime-password` 写入的是 `/var/telsu` 的 passwd 格式 md5-crypt 行,不会把明文密码写入远端命令。
|
|
174
|
+
|
|
156
175
|
诊断命令保持只读;`ip status` 这类依赖 VM/userspace 工具的命令会分别标记每个 probe 的 `ok/output/error`,工具缺失时输出 `partial_failure=true`,不会吞掉其它已成功字段。
|
|
157
176
|
|
|
158
177
|
本地 VM 集成测试默认会跳过;需要显式指定 VM 目录才会运行:
|
|
@@ -197,6 +216,8 @@ fh-tool restore backup.tgz \
|
|
|
197
216
|
|
|
198
217
|
当前 restore 只恢复 allowlist 内的配置文件,且会拒绝路径穿越、绝对路径逃逸和未知文件写入。`/proc/mtd`、runtime password 文件、restore/factory reset flag 等备份内容不会被恢复。恢复后会 read-back/hash verify;不会自动 reboot,也不会自动 factory reset。
|
|
199
218
|
|
|
219
|
+
默认备份清单包含调研确认的 `/fhconf`、`/fhdata`、runtime password、CloudPlat/appframework 状态和 boot/app 信息等只读路径;这些新增调研路径不会自动加入 restore allowlist。
|
|
220
|
+
|
|
200
221
|
## CloudPlat / SmartSwitch
|
|
201
222
|
|
|
202
223
|
CloudPlat 默认先做只读审计和计划:
|
|
@@ -215,6 +236,14 @@ fh-tool cloud disable-smartswitch --confirm
|
|
|
215
236
|
|
|
216
237
|
该命令不会修改 LOID、PON、WAN VLAN、ServiceList 或 TR-069 VLAN。
|
|
217
238
|
|
|
239
|
+
只停 CloudPlat 连接优先使用 SAF container 内的 `cloudclt` init 脚本:
|
|
240
|
+
|
|
241
|
+
```bash
|
|
242
|
+
fh-tool cloud disable-cloudclt --confirm
|
|
243
|
+
```
|
|
244
|
+
|
|
245
|
+
该命令通过 `lxc-attach -n saf -- /etc/init.d/cloudclt stop/disable` 执行,需要 root runner;仍然不会 patch 启动脚本或删除 package。
|
|
246
|
+
|
|
218
247
|
## 22 个 `/fh_tool/api` method 覆盖
|
|
219
248
|
|
|
220
249
|
已提供 typed command:
|
|
@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
|
|
|
4
4
|
|
|
5
5
|
[project]
|
|
6
6
|
name = "fh_tool-cli"
|
|
7
|
-
version = "0.2.
|
|
7
|
+
version = "0.2.3"
|
|
8
8
|
description = "用于本地管理 FiberHome fh_tool 接口的 Python CLI"
|
|
9
9
|
readme = "README.md"
|
|
10
10
|
requires-python = ">=3.11"
|
|
@@ -18,8 +18,10 @@ classifiers = [
|
|
|
18
18
|
"Topic :: System :: Networking",
|
|
19
19
|
]
|
|
20
20
|
dependencies = [
|
|
21
|
+
"click>=8.1.0",
|
|
21
22
|
"cryptography>=42.0.0",
|
|
22
23
|
"requests>=2.31.0",
|
|
24
|
+
"rich>=13.7.0",
|
|
23
25
|
]
|
|
24
26
|
|
|
25
27
|
[project.scripts]
|
|
@@ -3,6 +3,7 @@ from __future__ import annotations
|
|
|
3
3
|
import shlex
|
|
4
4
|
import sys
|
|
5
5
|
from dataclasses import dataclass
|
|
6
|
+
from hashlib import md5
|
|
6
7
|
from secrets import token_urlsafe
|
|
7
8
|
from typing import Any
|
|
8
9
|
|
|
@@ -13,6 +14,8 @@ WEB_ADMIN_PASSWORD_PATH = "InternetGatewayDevice.DeviceInfo.X_CT-COM_TeleComAcco
|
|
|
13
14
|
TELNET_PASSWORD_PATH = "InternetGatewayDevice.DeviceInfo.X_CT-COM_ServiceManage.TelnetPassword"
|
|
14
15
|
TELNET_USERNAME_PATH = "InternetGatewayDevice.DeviceInfo.X_CT-COM_ServiceManage.TelnetUserName"
|
|
15
16
|
SU_RUNTIME_PASSWORD_FILE = "/var/telsu"
|
|
17
|
+
_MD5_CRYPT_MAGIC = b"$1$"
|
|
18
|
+
_MD5_CRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
16
19
|
|
|
17
20
|
|
|
18
21
|
@dataclass(frozen=True)
|
|
@@ -69,7 +72,9 @@ def set_telnet_username(backend: CfgCmdBackend, name: str) -> dict[str, Any]:
|
|
|
69
72
|
|
|
70
73
|
|
|
71
74
|
def set_su_runtime_password(shell_runner: Any, password: str) -> dict[str, Any]:
|
|
72
|
-
|
|
75
|
+
hashed_password = _md5_crypt_empty_salt(password)
|
|
76
|
+
passwd_entry = f"root:{hashed_password}:0:0:Telnet user:/:/bin/ash"
|
|
77
|
+
command = f"printf '%s\\n' {shlex.quote(passwd_entry)} > {shlex.quote(SU_RUNTIME_PASSWORD_FILE)}"
|
|
73
78
|
shell_runner(command)
|
|
74
79
|
return {
|
|
75
80
|
"path": SU_RUNTIME_PASSWORD_FILE,
|
|
@@ -80,6 +85,62 @@ def set_su_runtime_password(shell_runner: Any, password: str) -> dict[str, Any]:
|
|
|
80
85
|
}
|
|
81
86
|
|
|
82
87
|
|
|
88
|
+
def _md5_crypt_empty_salt(password: str) -> str:
|
|
89
|
+
return _md5_crypt(password.encode(), b"")
|
|
90
|
+
|
|
91
|
+
|
|
92
|
+
def _md5_crypt(password: bytes, salt: bytes) -> str:
|
|
93
|
+
if len(salt) > 8:
|
|
94
|
+
salt = salt[:8]
|
|
95
|
+
|
|
96
|
+
digest = md5(password + _MD5_CRYPT_MAGIC + salt)
|
|
97
|
+
alternate = md5(password + salt + password).digest()
|
|
98
|
+
password_len = len(password)
|
|
99
|
+
|
|
100
|
+
remaining = password_len
|
|
101
|
+
while remaining > 0:
|
|
102
|
+
digest.update(alternate[: min(16, remaining)])
|
|
103
|
+
remaining -= 16
|
|
104
|
+
|
|
105
|
+
remaining = password_len
|
|
106
|
+
while remaining > 0:
|
|
107
|
+
if remaining & 1:
|
|
108
|
+
digest.update(b"\x00")
|
|
109
|
+
else:
|
|
110
|
+
digest.update(password[:1])
|
|
111
|
+
remaining >>= 1
|
|
112
|
+
|
|
113
|
+
final = digest.digest()
|
|
114
|
+
for index in range(1000):
|
|
115
|
+
digest = md5()
|
|
116
|
+
digest.update(password if index & 1 else final)
|
|
117
|
+
if index % 3:
|
|
118
|
+
digest.update(salt)
|
|
119
|
+
if index % 7:
|
|
120
|
+
digest.update(password)
|
|
121
|
+
digest.update(final if index & 1 else password)
|
|
122
|
+
final = digest.digest()
|
|
123
|
+
|
|
124
|
+
encoded = (
|
|
125
|
+
_md5_crypt_base64(final[0], final[6], final[12], 4)
|
|
126
|
+
+ _md5_crypt_base64(final[1], final[7], final[13], 4)
|
|
127
|
+
+ _md5_crypt_base64(final[2], final[8], final[14], 4)
|
|
128
|
+
+ _md5_crypt_base64(final[3], final[9], final[15], 4)
|
|
129
|
+
+ _md5_crypt_base64(final[4], final[10], final[5], 4)
|
|
130
|
+
+ _md5_crypt_base64(0, 0, final[11], 2)
|
|
131
|
+
)
|
|
132
|
+
return f"$1${salt.decode()}${encoded}"
|
|
133
|
+
|
|
134
|
+
|
|
135
|
+
def _md5_crypt_base64(byte2: int, byte1: int, byte0: int, length: int) -> str:
|
|
136
|
+
value = (byte2 << 16) | (byte1 << 8) | byte0
|
|
137
|
+
encoded = []
|
|
138
|
+
for _ in range(length):
|
|
139
|
+
encoded.append(_MD5_CRYPT_ALPHABET[value & 0x3F])
|
|
140
|
+
value >>= 6
|
|
141
|
+
return "".join(encoded)
|
|
142
|
+
|
|
143
|
+
|
|
83
144
|
def _redact_write_result(result: dict[str, Any]) -> dict[str, Any]:
|
|
84
145
|
redacted = dict(result)
|
|
85
146
|
redacted["value"] = "[REDACTED]"
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
from __future__ import annotations
|
|
2
2
|
|
|
3
3
|
import json
|
|
4
|
+
import logging
|
|
4
5
|
import re
|
|
5
6
|
import shlex
|
|
6
7
|
from collections.abc import Callable
|
|
@@ -8,6 +9,7 @@ from pathlib import Path
|
|
|
8
9
|
from typing import Any
|
|
9
10
|
|
|
10
11
|
from ..errors import CliError
|
|
12
|
+
from ..output import log_event
|
|
11
13
|
|
|
12
14
|
DANGER_CFG_PATH_RE = re.compile(
|
|
13
15
|
r"(tr-?069|wan|pon|loid|vlan|preconfig|servicelist|smartswitch|cloudplat)",
|
|
@@ -57,13 +59,23 @@ class CfgCmdBackend:
|
|
|
57
59
|
self.expensive_missing_paths = expensive_missing_paths
|
|
58
60
|
|
|
59
61
|
def get(self, path: str) -> str:
|
|
60
|
-
|
|
62
|
+
log_event(logging.DEBUG, "cfg.get.start", path=path, risk=cfg_read_risk(path))
|
|
63
|
+
output = self._runner(_cfg_command("get", path))
|
|
64
|
+
value = parse_cfg_get_output(path, output)
|
|
65
|
+
log_event(logging.DEBUG, "cfg.get.success", path=path, risk=cfg_read_risk(path), empty=not bool(value))
|
|
66
|
+
return value
|
|
61
67
|
|
|
62
68
|
def set(self, path: str, value: str) -> str:
|
|
63
|
-
|
|
69
|
+
log_event(logging.INFO, "cfg.set.start", path=path, risk=cfg_path_risk(path))
|
|
70
|
+
result = self._runner(_cfg_command("set", path, value))
|
|
71
|
+
log_event(logging.INFO, "cfg.set.success", path=path, risk=cfg_path_risk(path))
|
|
72
|
+
return result
|
|
64
73
|
|
|
65
74
|
def attr(self, path: str) -> str:
|
|
66
|
-
|
|
75
|
+
log_event(logging.DEBUG, "cfg.attr.start", path=path, risk=cfg_read_risk(path))
|
|
76
|
+
result = self._runner(_cfg_command("attr", path)).strip()
|
|
77
|
+
log_event(logging.DEBUG, "cfg.attr.success", path=path, risk=cfg_read_risk(path), empty=not bool(result))
|
|
78
|
+
return result
|
|
67
79
|
|
|
68
80
|
|
|
69
81
|
def cfg_set_with_verify(backend: CfgCmdBackend, path: str, value: str) -> dict[str, Any]:
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
from __future__ import annotations
|
|
2
2
|
|
|
3
3
|
import argparse
|
|
4
|
+
import logging
|
|
4
5
|
from typing import Any
|
|
5
6
|
|
|
6
7
|
import requests
|
|
@@ -8,6 +9,7 @@ import requests
|
|
|
8
9
|
from ..config_store import format_mac, resolve_ip, resolve_mac
|
|
9
10
|
from ..crypto import decrypt_payload, derive_crypto, encrypt_payload
|
|
10
11
|
from ..errors import FHToolError
|
|
12
|
+
from ..output import log_event
|
|
11
13
|
|
|
12
14
|
FH_TOOL_API_PATH = "/fh_tool/api"
|
|
13
15
|
FH_TOOL_UPLOAD_PATH = "/fh_tool/upload"
|
|
@@ -22,6 +24,8 @@ def fh_tool_call(
|
|
|
22
24
|
crypto = derive_crypto(mac)
|
|
23
25
|
encrypted = encrypt_payload(payload, crypto)
|
|
24
26
|
url = f"http://{ip}:8080{FH_TOOL_API_PATH}"
|
|
27
|
+
func = str(payload.get("func", "unknown"))
|
|
28
|
+
log_event(logging.INFO, "fh_tool.api.request", ip=ip, path=FH_TOOL_API_PATH, func=func)
|
|
25
29
|
try:
|
|
26
30
|
response = requests.post(
|
|
27
31
|
url,
|
|
@@ -34,15 +38,35 @@ def fh_tool_call(
|
|
|
34
38
|
allow_redirects=False,
|
|
35
39
|
)
|
|
36
40
|
except requests.RequestException as exc:
|
|
41
|
+
log_event(logging.INFO, "fh_tool.api.error", ip=ip, path=FH_TOOL_API_PATH, func=func, error=str(exc))
|
|
37
42
|
raise FHToolError(f"无法连接 {url}: {exc}") from exc
|
|
38
43
|
|
|
39
44
|
if response.status_code != 200:
|
|
45
|
+
log_event(
|
|
46
|
+
logging.INFO,
|
|
47
|
+
"fh_tool.api.http_error",
|
|
48
|
+
ip=ip,
|
|
49
|
+
path=FH_TOOL_API_PATH,
|
|
50
|
+
func=func,
|
|
51
|
+
status_code=response.status_code,
|
|
52
|
+
)
|
|
40
53
|
raise FHToolError(f"{FH_TOOL_API_PATH} 返回 HTTP {response.status_code}")
|
|
41
54
|
|
|
42
55
|
try:
|
|
43
|
-
|
|
56
|
+
result = decrypt_payload(response.text, crypto)
|
|
44
57
|
except Exception as exc:
|
|
58
|
+
log_event(logging.INFO, "fh_tool.api.decrypt_error", ip=ip, path=FH_TOOL_API_PATH, func=func)
|
|
45
59
|
raise FHToolError("响应解密失败,MAC 可能不匹配或固件协议不同") from exc
|
|
60
|
+
log_event(
|
|
61
|
+
logging.INFO,
|
|
62
|
+
"fh_tool.api.response",
|
|
63
|
+
ip=ip,
|
|
64
|
+
path=FH_TOOL_API_PATH,
|
|
65
|
+
func=func,
|
|
66
|
+
status_code=response.status_code,
|
|
67
|
+
result=result.get("result") if isinstance(result, dict) else None,
|
|
68
|
+
)
|
|
69
|
+
return result
|
|
46
70
|
|
|
47
71
|
|
|
48
72
|
def api_payload(func: str, params: dict[str, Any] | None = None, index: str = "1") -> dict[str, Any]:
|
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
from __future__ import annotations
|
|
2
|
+
|
|
3
|
+
import socket
|
|
4
|
+
import logging
|
|
5
|
+
from dataclasses import dataclass
|
|
6
|
+
|
|
7
|
+
from ..config_store import decode_text
|
|
8
|
+
from ..errors import FHToolError
|
|
9
|
+
from ..output import log_event
|
|
10
|
+
|
|
11
|
+
|
|
12
|
+
@dataclass(frozen=True)
|
|
13
|
+
class TelnetCredentials:
|
|
14
|
+
host: str
|
|
15
|
+
port: int = 23
|
|
16
|
+
username: str | None = None
|
|
17
|
+
password: str | None = None
|
|
18
|
+
timeout: float = 5.0
|
|
19
|
+
|
|
20
|
+
|
|
21
|
+
class TelnetShell:
|
|
22
|
+
def __init__(self, credentials: TelnetCredentials):
|
|
23
|
+
self.credentials = credentials
|
|
24
|
+
|
|
25
|
+
def run(self, command: str) -> str:
|
|
26
|
+
log_event(
|
|
27
|
+
logging.INFO,
|
|
28
|
+
"telnet.command.start",
|
|
29
|
+
host=self.credentials.host,
|
|
30
|
+
port=self.credentials.port,
|
|
31
|
+
username_present=bool(self.credentials.username),
|
|
32
|
+
password_present=bool(self.credentials.password),
|
|
33
|
+
)
|
|
34
|
+
try:
|
|
35
|
+
with socket.create_connection(
|
|
36
|
+
(self.credentials.host, self.credentials.port),
|
|
37
|
+
timeout=self.credentials.timeout,
|
|
38
|
+
) as sock:
|
|
39
|
+
sock.settimeout(self.credentials.timeout)
|
|
40
|
+
if self.credentials.username:
|
|
41
|
+
_read_until(sock, b"login:")
|
|
42
|
+
sock.sendall(self.credentials.username.encode("utf-8") + b"\n")
|
|
43
|
+
if self.credentials.password:
|
|
44
|
+
_read_until(sock, b"Password:")
|
|
45
|
+
sock.sendall(self.credentials.password.encode("utf-8") + b"\n")
|
|
46
|
+
sock.sendall(command.encode("utf-8") + b"\n")
|
|
47
|
+
sock.sendall(b"exit\n")
|
|
48
|
+
output = decode_text(_read_all(sock))
|
|
49
|
+
log_event(
|
|
50
|
+
logging.INFO,
|
|
51
|
+
"telnet.command.success",
|
|
52
|
+
host=self.credentials.host,
|
|
53
|
+
port=self.credentials.port,
|
|
54
|
+
output_bytes=len(output.encode("utf-8")),
|
|
55
|
+
)
|
|
56
|
+
return output
|
|
57
|
+
except OSError as exc:
|
|
58
|
+
log_event(
|
|
59
|
+
logging.INFO,
|
|
60
|
+
"telnet.command.error",
|
|
61
|
+
host=self.credentials.host,
|
|
62
|
+
port=self.credentials.port,
|
|
63
|
+
error=str(exc),
|
|
64
|
+
)
|
|
65
|
+
raise FHToolError(f"Telnet command failed: {exc}") from exc
|
|
66
|
+
|
|
67
|
+
def run_as_root(self, command: str, *, su_password: str) -> str:
|
|
68
|
+
log_event(
|
|
69
|
+
logging.INFO,
|
|
70
|
+
"telnet.root_command.start",
|
|
71
|
+
host=self.credentials.host,
|
|
72
|
+
port=self.credentials.port,
|
|
73
|
+
username_present=bool(self.credentials.username),
|
|
74
|
+
telnet_password_present=bool(self.credentials.password),
|
|
75
|
+
su_password_present=bool(su_password),
|
|
76
|
+
)
|
|
77
|
+
try:
|
|
78
|
+
with socket.create_connection(
|
|
79
|
+
(self.credentials.host, self.credentials.port),
|
|
80
|
+
timeout=self.credentials.timeout,
|
|
81
|
+
) as sock:
|
|
82
|
+
sock.settimeout(self.credentials.timeout)
|
|
83
|
+
if self.credentials.username:
|
|
84
|
+
_read_until(sock, b"login:")
|
|
85
|
+
sock.sendall(self.credentials.username.encode("utf-8") + b"\n")
|
|
86
|
+
if self.credentials.password:
|
|
87
|
+
_read_until(sock, b"Password:")
|
|
88
|
+
sock.sendall(self.credentials.password.encode("utf-8") + b"\n")
|
|
89
|
+
sock.sendall(b"su root\n")
|
|
90
|
+
_read_until(sock, b"Password:")
|
|
91
|
+
sock.sendall(su_password.encode("utf-8") + b"\n")
|
|
92
|
+
sock.sendall(command.encode("utf-8") + b"\n")
|
|
93
|
+
sock.sendall(b"exit\n")
|
|
94
|
+
sock.sendall(b"exit\n")
|
|
95
|
+
output = decode_text(_read_all(sock))
|
|
96
|
+
log_event(
|
|
97
|
+
logging.INFO,
|
|
98
|
+
"telnet.root_command.success",
|
|
99
|
+
host=self.credentials.host,
|
|
100
|
+
port=self.credentials.port,
|
|
101
|
+
output_bytes=len(output.encode("utf-8")),
|
|
102
|
+
)
|
|
103
|
+
return output
|
|
104
|
+
except OSError as exc:
|
|
105
|
+
log_event(
|
|
106
|
+
logging.INFO,
|
|
107
|
+
"telnet.root_command.error",
|
|
108
|
+
host=self.credentials.host,
|
|
109
|
+
port=self.credentials.port,
|
|
110
|
+
error=str(exc),
|
|
111
|
+
)
|
|
112
|
+
raise FHToolError(f"Telnet root command failed: {exc}") from exc
|
|
113
|
+
|
|
114
|
+
|
|
115
|
+
def _read_until(sock: socket.socket, marker: bytes) -> bytes:
|
|
116
|
+
data = bytearray()
|
|
117
|
+
while marker not in data:
|
|
118
|
+
try:
|
|
119
|
+
chunk = sock.recv(4096)
|
|
120
|
+
except TimeoutError:
|
|
121
|
+
break
|
|
122
|
+
if not chunk:
|
|
123
|
+
break
|
|
124
|
+
data.extend(chunk)
|
|
125
|
+
return bytes(data)
|
|
126
|
+
|
|
127
|
+
|
|
128
|
+
def _read_all(sock: socket.socket) -> bytes:
|
|
129
|
+
data = bytearray()
|
|
130
|
+
while True:
|
|
131
|
+
try:
|
|
132
|
+
chunk = sock.recv(4096)
|
|
133
|
+
except TimeoutError:
|
|
134
|
+
break
|
|
135
|
+
if not chunk:
|
|
136
|
+
break
|
|
137
|
+
data.extend(chunk)
|
|
138
|
+
return bytes(data)
|
|
@@ -2,6 +2,7 @@ from __future__ import annotations
|
|
|
2
2
|
|
|
3
3
|
import base64
|
|
4
4
|
import hashlib
|
|
5
|
+
import logging
|
|
5
6
|
import re
|
|
6
7
|
from typing import Any
|
|
7
8
|
from urllib.parse import urljoin
|
|
@@ -11,6 +12,7 @@ from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
|
|
|
11
12
|
from cryptography.hazmat.primitives.padding import PKCS7
|
|
12
13
|
|
|
13
14
|
from ..errors import FHToolError
|
|
15
|
+
from ..output import log_event
|
|
14
16
|
|
|
15
17
|
DEFAULT_AJAX_PATH = "/cgi-bin/ajax"
|
|
16
18
|
DEFAULT_WEB_LOGIN_PORT = "0"
|
|
@@ -65,10 +67,13 @@ class WebAjaxClient:
|
|
|
65
67
|
|
|
66
68
|
def login_check(self) -> dict[str, Any]:
|
|
67
69
|
url = self.base_url
|
|
70
|
+
log_event(logging.INFO, "web.login_check.start", base_url=self.base_url)
|
|
68
71
|
try:
|
|
69
72
|
response = self.session.get(url, timeout=self.timeout, allow_redirects=False)
|
|
70
73
|
except requests.RequestException as exc:
|
|
74
|
+
log_event(logging.INFO, "web.login_check.error", base_url=self.base_url, error=str(exc))
|
|
71
75
|
raise FHToolError(f"Web login-check failed {url}: {exc}") from exc
|
|
76
|
+
log_event(logging.INFO, "web.login_check.response", base_url=self.base_url, status_code=response.status_code)
|
|
72
77
|
result = {
|
|
73
78
|
"url": url,
|
|
74
79
|
"status_code": response.status_code,
|
|
@@ -112,6 +117,7 @@ class WebAjaxClient:
|
|
|
112
117
|
*,
|
|
113
118
|
port: str = DEFAULT_WEB_LOGIN_PORT,
|
|
114
119
|
) -> dict[str, Any]:
|
|
120
|
+
log_event(logging.INFO, "web.login.start", base_url=self.base_url, username=username)
|
|
115
121
|
brmad = self._fetch_brmad()
|
|
116
122
|
self.ajax_get("get_operator", use_session=False)
|
|
117
123
|
loginpd = fiberhome_web_encrypt(
|
|
@@ -128,10 +134,21 @@ class WebAjaxClient:
|
|
|
128
134
|
)
|
|
129
135
|
response = result.get("response")
|
|
130
136
|
login_result = response.get("login_result") if isinstance(response, dict) else None
|
|
137
|
+
ok = result["ok"] and str(login_result) == "0"
|
|
138
|
+
log_event(
|
|
139
|
+
logging.INFO,
|
|
140
|
+
"web.login.response",
|
|
141
|
+
base_url=self.base_url,
|
|
142
|
+
username=username,
|
|
143
|
+
status_code=result["status_code"],
|
|
144
|
+
ok=ok,
|
|
145
|
+
login_result=login_result,
|
|
146
|
+
sessionid_present=bool(self.sessionid),
|
|
147
|
+
)
|
|
131
148
|
return {
|
|
132
149
|
"method": "do_login",
|
|
133
150
|
"status_code": result["status_code"],
|
|
134
|
-
"ok":
|
|
151
|
+
"ok": ok,
|
|
135
152
|
"login_result": login_result,
|
|
136
153
|
"username": username,
|
|
137
154
|
"sessionid_present": bool(self.sessionid),
|
|
@@ -151,6 +168,14 @@ class WebAjaxClient:
|
|
|
151
168
|
request_params.update(params)
|
|
152
169
|
if use_session and self.sessionid:
|
|
153
170
|
request_params.setdefault("sessionid", self.sessionid)
|
|
171
|
+
log_event(
|
|
172
|
+
logging.DEBUG,
|
|
173
|
+
"web.ajax.request",
|
|
174
|
+
base_url=self.base_url,
|
|
175
|
+
http_method="GET",
|
|
176
|
+
method=method,
|
|
177
|
+
sessionid_present=bool(request_params.get("sessionid")),
|
|
178
|
+
)
|
|
154
179
|
try:
|
|
155
180
|
response = self.session.get(
|
|
156
181
|
url,
|
|
@@ -159,6 +184,14 @@ class WebAjaxClient:
|
|
|
159
184
|
allow_redirects=False,
|
|
160
185
|
)
|
|
161
186
|
except requests.RequestException as exc:
|
|
187
|
+
log_event(
|
|
188
|
+
logging.INFO,
|
|
189
|
+
"web.ajax.error",
|
|
190
|
+
base_url=self.base_url,
|
|
191
|
+
http_method="GET",
|
|
192
|
+
method=method,
|
|
193
|
+
error=str(exc),
|
|
194
|
+
)
|
|
162
195
|
raise FHToolError(f"Web AJAX GET failed {url}: {exc}") from exc
|
|
163
196
|
return self._response_result("GET", url, method, response)
|
|
164
197
|
|
|
@@ -168,6 +201,14 @@ class WebAjaxClient:
|
|
|
168
201
|
request_data["ajaxmethod"] = method
|
|
169
202
|
if self.sessionid:
|
|
170
203
|
request_data.setdefault("sessionid", self.sessionid)
|
|
204
|
+
log_event(
|
|
205
|
+
logging.DEBUG,
|
|
206
|
+
"web.ajax.request",
|
|
207
|
+
base_url=self.base_url,
|
|
208
|
+
http_method="POST",
|
|
209
|
+
method=method,
|
|
210
|
+
sessionid_present=bool(request_data.get("sessionid")),
|
|
211
|
+
)
|
|
171
212
|
try:
|
|
172
213
|
response = self.session.post(
|
|
173
214
|
url,
|
|
@@ -176,6 +217,14 @@ class WebAjaxClient:
|
|
|
176
217
|
allow_redirects=False,
|
|
177
218
|
)
|
|
178
219
|
except requests.RequestException as exc:
|
|
220
|
+
log_event(
|
|
221
|
+
logging.INFO,
|
|
222
|
+
"web.ajax.error",
|
|
223
|
+
base_url=self.base_url,
|
|
224
|
+
http_method="POST",
|
|
225
|
+
method=method,
|
|
226
|
+
error=str(exc),
|
|
227
|
+
)
|
|
179
228
|
raise FHToolError(f"Web AJAX POST failed {url}: {exc}") from exc
|
|
180
229
|
return self._response_result("POST", url, method, response)
|
|
181
230
|
|
|
@@ -319,6 +368,16 @@ class WebAjaxClient:
|
|
|
319
368
|
"content_type": response.headers.get("Content-Type"),
|
|
320
369
|
"sessionid_present": bool(self.sessionid),
|
|
321
370
|
}
|
|
371
|
+
log_event(
|
|
372
|
+
logging.DEBUG,
|
|
373
|
+
"web.ajax.response",
|
|
374
|
+
base_url=self.base_url,
|
|
375
|
+
http_method=http_method,
|
|
376
|
+
method=method,
|
|
377
|
+
status_code=response.status_code,
|
|
378
|
+
ok=result["ok"],
|
|
379
|
+
sessionid_present=bool(self.sessionid),
|
|
380
|
+
)
|
|
322
381
|
try:
|
|
323
382
|
payload = response.json()
|
|
324
383
|
except ValueError:
|